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In the Claims: 

Please amend Claims 1, 3-5, 10, 13, 16-18; cancel claims 2, 6, 15, 19, 26-50; and add new 
Claim 51-55, all as shown below. Applicant respectfully reserves the right to prosecute any 
originally presented claims in a continuing or future application. 

1 . (Currently Amended) A system for single security administration comprising: 

a p l ura li ty of first type server servers , wherein oach of the p l ura li ty of first type server sorvors 
ho l ds group i nformat i on and acc e ss Gontro l list and includes an [[LDAP]] authentication server; 

a plurality of second type servers, wherein each second type server [[that]] includes an 
embedded [[LDAP]] server[[;]] and each second type server is associated with a security data 
repository that r e s i d e s i n th e s e cond typ e serv e r and provides to the second type server user 
security information associated with both the p l ura li ty of first type server s e rv e rs and the second 
type server; 

wherein the first type server holds only access control list and relies on one of the plurality of 
second type servers to provide user and group information, and, 

wherein, in response to receiving a request for authentication from a c lie nt user at any on e 
of sa i d the p l ura li ty of first type server s e rv e rs , the authentication server at the first type server 
determines which second type server stores security information for the particular user; th e syst e m 

initiates an [[LDAP]] session between sa i d on e of sa i d the p l ura li ty of first type server 
s e rv e rs and said second type server[[,]]i_ 

passes query information from said [[LDAP]] authentication server to said embedded 
[[LDAP]] server[[,]]i 

receives corresponding user information^,]]; and 
creates a token that reflects an authentication result that can be used by said client. 

2. (Canceled). 

3. (Currently Amended) The system of claim 1 wherein e ach of said p l ura li ty of first type server 
s e rv e rs is an app li cat i on enterprise server. 

4. (Currently Amended) The system of claim 1 wherein said each second type server is an 
application server. 
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5. (Currently Amended) The system of claim 1 wherein each of said plurality of first type servers is 
a Tux e do enterprise server, and said second server is [[a]] an application W e b l oq i c server. 

6. (Canceled). 

7. (Original) The system of claim 1 wherein said query information is query user information that 
specifies a particular user or group of users. 

8. (Previously Presented) The system of claim 1 wherein the system includes a plurality of servers. 

9. (Original) The system of claim 8 wherein at least two of said plurality of servers include an LDAP 
authentication server. 

10. (Currently Amended) The system of claim 1, further comprising a user information cache that 
caches a copy of said use r authentication information in case of a failure in a communication link 
between the first type server and the second type of server . 

11. (Original) The system of claim 1 wherein the system is scalable to include multiple LDAP 
authentication servers and/or multiple embedded LDAP servers. 

12. (Original) The system of claim 1 wherein at least one of said servers include a console program 
for administering the security of the system. 

13. (Currently Amended) A method for providing single security administration comprising the steps 
of: 

issuing a call to an [[LDAP]] authentication server at ono of a p l ura li ty of first type server 
sorvors , wherein the ono of tho p l ura li ty of f irst type server servers holds only group i nformat i on and 
access control list and relies on one of the plurality of second type servers to provide user and 
group information ; 

determining which second type server stores security information for the particular user; 
passing query user information from said [[LDAP]] authentication server to an embedded 
LDAP server at [[a]] the second type server, wherein the second type server includes a single 
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security data repository that provides the second type server user security information associated 
with both the one of the first type servers and the second server; 

returning corresponding user information to said [[LDAP]] authentication server; and, 

providing an authentication token for use by the client. 

14. (Original) The method of claim 13, further comprising the step, prior to issuing a call, of allowing 
a client to access a default security plugin. 

15. (Canceled). 

16. (Currently Amended) The method of claim 13 wherein e ach of said p l ura li ty of first type server 
s e rv e rs is an enterprise server. 

17. (Currently Amended) The method of claim 13 wherein said each second type server is an 
application server. 

18. (Currently Amended) The method of claim 13 wherein each of said plurality of first type servers 
is a Tux e do enterprise server, and said second server is [[a]] an application W e b l og i c server. 

19. (Canceled). 

20. (Previously Presented) The method of claim 13 wherein said query user information is query 
user information that specifies a particular user or group of users. 

21. (Previously Presented) The method of claim 13, further comprising: including a plurality of 
servers. 

22. (Original) The method of claim 21 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

23. (Original) The method of claim 13, further comprising a user information cache that caches a 
copy of said user information. 

24. (Previously Presented) The method of claim 13, further comprising: 
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being scalable to include multiple LDAP authentication servers and/or multiple embedded 
LDAP servers. 

25. (Original) The method of claim 13 wherein at least one of said servers include a console 
program for administering the security of the system. 

26-50. (Canceled). 

51. (New) The system of claim 1, wherein: the user and group information is eliminated from the 
first type server. 

52. (New) The system of claim 1, wherein: 

the session is a LDAP session that supports a single user security data store and 
administration. 

53. (New) The system of claim 1, wherein: 

each of the plurality of second type of servers supports backup or failover authentication. 

54. (New) The system of claim 1, wherein: 

the first type server also supports a separate independent authentication mechanism with a 
separate security repository. 

55. (New) The system of claim 53, further comprising: 

a migrating utility that takes user security information from the separate security repository 
associated with the first type server and updates the security data repository associated with at 
least one of the plurality of second type servers. 
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